What can I do if someone tampers with my SSH public key?
I understand private keys being compromised is a huge risk; however, what about public keys. If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
linux encryption
add a comment |
I understand private keys being compromised is a huge risk; however, what about public keys. If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
linux encryption
Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.
– Ramhound
2 hours ago
add a comment |
I understand private keys being compromised is a huge risk; however, what about public keys. If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
linux encryption
I understand private keys being compromised is a huge risk; however, what about public keys. If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
linux encryption
linux encryption
edited 3 hours ago
JakeGould
31.6k1097139
31.6k1097139
asked 3 hours ago
KevKev
112
112
Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.
– Ramhound
2 hours ago
add a comment |
Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.
– Ramhound
2 hours ago
Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.
– Ramhound
2 hours ago
Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.
– Ramhound
2 hours ago
add a comment |
2 Answers
2
active
oldest
votes
The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.
Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.
Your original question asked:
"If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...
then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.
You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.
There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys
add a comment |
You can always regenerate a public key as long as you have the private key.
You ask:
If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?
No worries as long as you have your private key. Just run this command:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub
via this method. So you might want to open it up in a text editor and manually add that.
About your other concerns.
Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.
Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1411961%2fwhat-can-i-do-if-someone-tampers-with-my-ssh-public-key%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.
Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.
Your original question asked:
"If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...
then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.
You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.
There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys
add a comment |
The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.
Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.
Your original question asked:
"If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...
then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.
You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.
There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys
add a comment |
The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.
Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.
Your original question asked:
"If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...
then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.
You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.
There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys
The whole point of a public key is to be widely known. It can be vetted by the PKI (public key infrastructure). You can sign messages (and other things) with your private key locally on your PC, and others can confirm that the message came from you.
Similarly, the public key can be put into the SSH config files on remote servers. When you SSH into those servers, they present a challenge that can only be correctly answered by someone with the proper private key.
Your original question asked:
"If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it"...
then it would no longer be the same public key. You can regenerate the public key immediately for another admin to set the proper public key.
You have secondary worries: Who else can get access to my machine, what can they do, and how do I recover? hose answers are complicated and situational.
There are many good resources on SSH and PKI on the web... here's a good start: SSH Essentials: Working with SSH Servers, Clients, and Keys
edited 3 hours ago
JakeGould
31.6k1097139
31.6k1097139
answered 3 hours ago
Christopher HostageChristopher Hostage
3,5301028
3,5301028
add a comment |
add a comment |
You can always regenerate a public key as long as you have the private key.
You ask:
If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?
No worries as long as you have your private key. Just run this command:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub
via this method. So you might want to open it up in a text editor and manually add that.
About your other concerns.
Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.
Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.
add a comment |
You can always regenerate a public key as long as you have the private key.
You ask:
If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?
No worries as long as you have your private key. Just run this command:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub
via this method. So you might want to open it up in a text editor and manually add that.
About your other concerns.
Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.
Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.
add a comment |
You can always regenerate a public key as long as you have the private key.
You ask:
If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?
No worries as long as you have your private key. Just run this command:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub
via this method. So you might want to open it up in a text editor and manually add that.
About your other concerns.
Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.
Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.
You can always regenerate a public key as long as you have the private key.
You ask:
If someone were to access my public key associated with the private key I use to SSH in the Linux server, and modify it, wouldn’t that prevent me access to the server; therefor, affecting availability on my end?
So is the situation you are concerned about something like you leave your computer on, don’t put it to sleep, run away to do something, then someone goes to your computer and just adds a few characters to your public key so it is effectively damaged? Or even deletes it?
No worries as long as you have your private key. Just run this command:
ssh-keygen -y -f ~/.ssh/id_rsa > ~/.ssh/id_rsa.pub
And your public key will be regenerated. Just note that the comment at the end of the public key line that allows you to more easily identify which key is what—via what is typically an email address—won’t be added to this id_rsa.pub
via this method. So you might want to open it up in a text editor and manually add that.
About your other concerns.
Now if you are concerned about someone hacking the public key on a remote machine in a way that denies you access? Honestly, you would have a fairly larger issue to deal with in a case like that.
Typically, someone would need to be able to gain root access on a machine to do that. And that is not unheard of but a rare occurrence at best.
edited 3 hours ago
answered 3 hours ago
JakeGouldJakeGould
31.6k1097139
31.6k1097139
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1411961%2fwhat-can-i-do-if-someone-tampers-with-my-ssh-public-key%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Your public key is supposed to be shared. It is the key that encrypts the data, your private key, decrypts the data.
– Ramhound
2 hours ago